Head of Security Engineering - Senior Vice President

About the Role

iCapital is looking for a Head of Security Engineering to lead and evolve our security engineering function within a regulated financial services environment. This role combines strong technical depth, hands-on operational capability, and team leadership, ensuring our security architecture, tooling, and processes are scalable, resilient, and aligned with regulatory expectations.

You will manage a team of security engineers while remaining actively engaged in technical problem-solving, including supporting incident investigations and shaping secure architecture. You will partner closely with Engineering, DevOps, Infrastructure, and Technology/Development teams to embed security across the software development lifecycle and cloud environments.

Responsibilities

  Leadership & Team Management

• Lead, mentor, and develop a team of ~5 security engineers across multiple domains


• Define team priorities and execute against the security engineering roadmap


• Foster a culture of ownership, automation, and continuous improvement


• Partner with the CISO and senior stakeholders on strategy, reporting, and risk alignment

  Security Architecture & Engineering

• Own and evolve the firm’s security architecture and technology stack, including:
  
  
  
  • Cloud security (AWS/Azure/GCP, including CSPM/CNAPP)
  
  
  • Identity & Access Management (IAM), SSO, and Privileged Access Management (PAM)
  
  
  • SIEM, detection engineering, and logging architecture
  
  
  • CASB / SaaS security controls
  
  
  • Data protection (DLP, DSPM, encryption, key management)
  
  
  • Network security (firewalls, segmentation, zero trust architecture)
  
  
  
  


• Design and implement secure, scalable, cloud-native architectures


• Evaluate, select, and rationalize security tools and vendors

  Cloud & Infrastructure Security

• Define and enforce security standards across:


• Cloud environments (AWS/Azure/GCP)


• Containers and orchestration platforms (e.g., Kubernetes, Docker)


• Infrastructure as Code (Terraform, CloudFormation)


• Implement least privilege access models and zero trust principles

  DevSecOps & Secure Development

• Work closely with Engineering and DevOps teams to:


• Embed security into CI/CD pipelines and Infrastructure as Code (IaC)


• Implement secure coding practices and secrets management


• Perform threat modeling and secure design reviews


• Champion DevSecOps principles and shift-left security practices

  Automation & Engineering Excellence

• Drive security automation and orchestration (SOAR) to scale operations


• Utilize scripting and programming (e.g., Python, PowerShell, Bash) to:


• Automate workflows


• Integrate tools


• Enhance detection and response capabilities
  
  

Define and report on security KPIs and KRIs to the CISO and senior leadership

Qualifications

• 10+ years of experience in information security or security engineering


• Proven experience leading and managing technical security teams


• Strong hands-on expertise across:
  
  
  
  • Cloud security (AWS/Azure/GCP)
  
  
  • Identity and access management (IAM/PAM)
  
  
  • SIEM and detection engineering
  
  
  • Network and infrastructure security
  
  
  • Data protection technologies (DLP, DSPM, encryption)
  
  
  
  


• Experience working closely with SOC teams and incident response


• Demonstrated ability to partner with engineering and DevOps teams


• CISSP (required)


• Additional certifications preferred:
  
  
  
  • CCSP, AWS/Azure Security certifications
  
  
  • GIAC (e.g., GCIA, GCIH) or equivalent
  
  
  
  

Key Skills & Attributes

• Strong balance of technical depth and leadership capability


• Hands-on, pragmatic approach with the ability to dive into details when needed


• Experience implementing Zero Trust architectures


• Proficiency in scripting/automation (Python, PowerShell, etc.)


• Strong understanding of threat detection and adversary tactics


• Excellent communication skills with the ability to influence stakeholders at all levels


• Experience operating in regulated financial services environments

• Strong verbal and written communication skills


• Fluent in Portuguese and English

Employees in this role will work fully remote. Every department has different needs, and some positions will be designated in-office jobs, based on their function.

Benefits

iCapital offers a comprehensive benefits package that includes a total compensation program consisting of competitive salary, annual performance bonus, and equity for all full-time employees; healthcare with 100% employer-paid health and dental insurance; and generous paid time off (PTO).

For additional information on iCapital Network, please visit https://www.icapitalnetwork.com/about-us  Twitter: @icapitalnetwork | LinkedIn: https://www.linkedin.com/company/icapital-network-inc